summaryrefslogtreecommitdiffstats
path: root/crypto/ext4crypt (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update FDE decrypt to pie from CAFEthan Yonker2019-03-204-9/+40
| | | | | | | | cryptfs.cpp based on CAF tag LA.UM.7.3.r1-05900-sdm845.0 Used CAF because AOSP no longer contains code for qcom's hardware crypto. Change-Id: I921cbe9bed70989f91449e23b5ac3ec1037b7b97
* Add metadata decrypt support for FBEEthan Yonker2019-01-175-5/+301
| | | | Change-Id: Ie0292f4ffea5993a4ae74fa04fc5c8252ca2cfcf
* Decrypt FBE on 9.0 (backwards compatible)Ethan Yonker2018-08-3118-45/+2610
| | | | | | | | | | Building in 9.0 may require you to add a flag to your twrp fstab with the fileencryption details like: fileencryption=ice:aes-256-heh Verify this against your device's stock fstab of course. Change-Id: If9286f5d5787280814daca9fbc8f5191ff26a839
* Merge AOSP android-9.0.0_r3Ethan Yonker2018-08-242-5/+8
| | | | | | Fix conflicts and make it build in 5.1, 6.0, 7.1, 8.1, and 9.0 Change-Id: Ida0a64c29ff27d339b7f42a18d820930964ac6e4
* Merge "ext4crypt: keymaster: fix missing include" into android-8.1big biff2018-03-241-0/+1
|\
| * ext4crypt: keymaster: fix missing includecodeworkx2017-12-261-0/+1
| | | | | | | | Change-Id: I9a6c5a1384bed7f0169d9af94ff8cb22913ff8e4
* | FBE: Decrypt spblob v2 (February security patch)Ethan Yonker2018-03-091-165/+319
| | | | | | | | Change-Id: Iad82fa5d90ce7f3e4b1cf5cd5c6d6fef644f6762
* | Add spblob decrypt for secdis method (Pixel 1 non-weaver)Ethan Yonker2018-01-044-64/+326
|/ | | | | | | | | | | | | | | | | | | | | | | | Support decrypting Pixel 1 devices using secdis method with the gatekeeper instead of weaver. Add a bit of a dirty workaround to a permissions issue that the keystore presents because the keystore checks the uid of the calling process and refuses to let the root user add authorization tokens. We write the auth token to a file and start a separate service that runs under the system user. The service reads the token from the file and adds it to the keystore. You must define this service in your init.recovery.{hardware}.rc file: service keystore_auth /sbin/keystore_auth disabled oneshot user system group root seclabel u:r:recovery:s0 TWRP will run this service when needed. Change-Id: I0ff48d3355f03dc0be8e75cddb8b484bdef98772
* Better compatibility across 8.0.0 treesEthan Yonker2017-11-291-4/+11
| | | | Change-Id: Ic8200da4e99826736e002a1ab5f9e5f967e84193
* FBE for Pixel 2Ethan Yonker2017-11-2815-47/+2154
| | | | | | | | | | | | Includes various minor fixes for building in Android 8 trees with r23+ tag Update FBE extended header in libtar to version 2 and include the entire ext4_encryption_policy structure now after translating the policy. See this post for more details: https://plus.google.com/u/1/+DeesTroy/posts/i33ygUi7tiu Change-Id: I2af981e51f459b17fcd895fb8c2d3f6c8200e24b
* DO NOT MERGE Android 8.0 stuffEthan Yonker2017-08-251-1/+1
| | | | Change-Id: I8c8a9734adbf36c33463123844fa6e078934ae34
* Support backup/restore of FBE policiesEthan Yonker2016-12-137-5/+348
| | | | Change-Id: Iba8ef20f57b0fb57bb9406c53148a806441d0b59
* Support File Based EncryptionEthan Yonker2016-12-1316-0/+2114
Change-Id: Ib688ddd0c32d3999590cacd86b6d9b18eac336e9
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-05 10:40:44 +0100